[wp-hackers] Single sign-on with Wordpress & Mediawiki
ai2097 at users.sourceforge.net
Sun Oct 28 23:04:56 GMT 2007
On Sun, 28 Oct 2007 15:21:01 -0700, "Robin Adrianse"
<robin.adr at gmail.com> wrote:
> I'm talking about real-life, apparently...
I reject your reality and substitute my own. ;)
> the possiblity of having standards for these kind of things is pretty
> slim. Very slim, in fact. Anyone who says otherwise (OpenID) is a bit
> of an optimist to say the least. OpenID, while a great idea, isn't
> going to catch on easily with the general public. A tool with only a
> few geeks (technologically aware people) using it isn't going to make
> a huge impact.
That's another issue altogether. OpenID is for a larger problem space
(single sign-on *across sites*), and that idea has already been shown
to be more-or-less a bust (can you say Passport?).
Stop me if I'm wrong here, but the issue at hand is SOS for all the
services on a *single site* -- the Wiki, forum, blog, bug tracker, etc.
Having to log in once for each service on the same site is a huge PITA
for users and admins alike. Shared authentication in this case, via a
simple auth library, is a no-brainer -- all it requires is an API;
nothing else (tables, hashes, salt...) needs to be specified. The end
result winds up sounding very PAM-like (possibly even PAM itself),
since the ultimate authentication could be done against any number of
things (a centralized MySQL DB, OpenID, LDAP, what have you).
From what I'm hearing, the current practice (hacking up a whole bunch
of products as-needed so that they work off the same auth tables) is
just one step away from this. Just abstract the auth logic out into a
couple function calls, and voila -- you have a unified (single-site)
auth architecture. It's a whole hell of a lot easier to write it
once to patch into products vs. rewriting the whole thing for every new
integration. It's not idealistic, it's pragmatic.
In Series maintainer
Random coder & quality guy
More information about the wp-hackers